Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connect with Sara

MORE FROM THIS AUTHOR
Daily News | May 13, 2021

The Biden administration has released an executive order in response to recent supply chain attacks with an immediate focus on securing federal networks through prevention and mitigation measures and incentivizing the commercial software market to improve its security practices.

Daily News | May 12, 2021

Training committee chair Ben Tchoubineh this week departs the accreditation body responsible for establishing an assessment ecosystem for the Pentagon's cyber certification program, and says he's leaving behind a solid foundation for the training of assessors and the preparation of future instructors.

Daily News | April 30, 2021

Matthew Travis, CEO of the accreditation body for assessors under the Defense Department's Cybersecurity Maturity Model Certification program, says he plans to review the organization's code of ethics policy over the next few months and make changes to increase transparency over decision-making.

Daily News | April 30, 2021

The Defense Department's decision to push back the timing of its first pilot contracts with Cybersecurity Maturity Model Certification requirements is creating concerns over the feasibility of meeting deadlines established for the current fiscal year, according to stakeholders.

Daily News | April 28, 2021

The Pentagon is making changes to its rollout schedule for the Cybersecurity Maturity Model Certification program, due to issues with getting assessment organizations that will conduct audits for contractors fully credentialed by the Defense Department, according to a DOD official overseeing the pilots.

The Insider | April 28, 2021

The National Institute of Standards and Technology has released a draft publication designed to help organizations prepare and conduct assessments on their ability to secure controlled unclassified information for high-value assets maintained in non-governmental systems.

Daily News | April 26, 2021

The Defense Contract Management Agency has briefed assessment organizations that want to conduct audits for contractors looking to obtain a Cybersecurity Maturity Model Certification on preparing for and going through the process to get their own certification.

The Insider | April 23, 2021

Two researchers from Carnegie Mellon University who worked with Pentagon officials to develop the Cybersecurity Maturity Model Certification program will be teaching a five-hour course on the landmark effort at a National Defense Industrial Association training event on May 6.

Daily News | April 23, 2021

The Pentagon's acquisition office has given its approval for the first contract solicitations with cyber certification requirements, and the rollout of the requests for proposals is expected in the summer, according to a Defense Department spokeswoman.

Daily News | April 16, 2021

Defense Department acquisition Chief Information Security Officer Katie Arrington says her office is working to establish reciprocity with other government standards such as the General Services Administration's FedRAMP, in an effort to help companies reach compliance with the Cybersecurity Maturity Model Certification program more quickly while still maintaining necessary security requirements.

Daily News | April 15, 2021

The Defense Department is expected to release contract solicitations with new cyber certification requirements in the coming weeks, but assessment companies are concerned about the impact of limited quality assurance guidance from the Pentagon and its independent accreditation body before the contractor auditing process officially starts.

Daily News | April 7, 2021

The Defense Department has issued two new resources for contracting officials regarding the identification of controlled unclassified information and how it should be identified on government documents.

The Insider | April 6, 2021

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is creating an Industry Advisory Council composed of private-sector leaders from organizations that will be seeking to get certified to compete for DOD contracts.

The Insider | April 2, 2021

The Defense Information Systems Agency is looking to determine if an upcoming broadband contract should contain Cybersecurity Maturity Model Certification requirements and whether industry has capacity to achieve compliance with the Pentagon cyber program.

Daily News | April 1, 2021

The Pentagon is moving full speed ahead with its plans for the first year of the Cybersecurity Maturity Model Certification program, despite potential obstacles in finding the right first pilot contracts and meeting demand for assessors.

The Insider | March 31, 2021

Former Cybersecurity and Infrastructure Security Agency Deputy Director Matthew Travis will lead the independent accreditation authority behind the Pentagon's Cybersecurity Maturity Model Certification program, according to an announcement from the entity's board of directors.

Daily News | March 26, 2021

The Defense Department expects to release its first contract solicitations containing Cybersecurity Maturity Model Certification requirements in the April-May timeframe, according to a Pentagon spokeswoman. The solicitations will focus on requests for proposals in development from the Army and the Air Force.

Daily News | March 24, 2021

Results from agency-led reports on semiconductor and high-capacity battery supply chains will help the Biden administration identify immediate priorities around reshoring manufacturing capacity and a risk management approach in collaboration with the private sector, according to a senior intelligence official.

Daily News | March 18, 2021

CMMC Accreditation Body chair Karlton Johnson says his organization is prepared to meet the demand for assessments from contractors once the first certified, third-party assessment organizations are approved by the Defense Contract Management Agency.

Daily News | March 15, 2021

Tabletop exercises conducted by the National Defense Industrial Association in coordination with Pentagon cyber certification leaders found areas of improvement are needed to clarify CMMC requirements for industry around operational technology and the marking of controlled unclassified information.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.